The MirageOS Blogon building functional operating systems

This work funded in part by the EU FP7 User-Centric Networking project, Grant
No. 611001.

The first release of MirageOS back in December 2013 introduced the prototype
of the unikernel concept, which realised the promise of a safe,
flexible mechanism to build highly optimized software stacks purpose-built for deployment in the public cloud (more background on this).
Since then, we've been hard at work using and extending MirageOS for real projects and the community has been
steadily growing.

We're thrilled to announce the release of MirageOS v2.0 today! Over the past
few weeks the team has been hard at work blogging about all
the new features in this latest release, coordinated by the tireless Amir Chaudhry:

ARM device support: While the first version of MirageOS was specialised towards conventional x86 clouds, the code generation and boot libraries have now been made portable enough to operate on low-power embedded ARM devices such as the Cubieboard 2. This is a key part of our efforts to build a safe, unified mutiscale programming model for both cloud and mobile workloads as part of the Nymote project. We also upstreamed the changes required to the Xen Project so that other unikernel efforts such as HalVM or ClickOS can benefit.

Irmin distributed, branchable storage: Unikernels usually execute in a distributed, disconnection-prone environment (particularly with the new mobile ARM support). We therefore built the Irmin library to explicitly make synchronization easier via a Git-like persistence model that can be used to build and easily trace the operation of distributed applications across all of these diverse environments.

OCaml TLS: The philosophy of MirageOS is to construct the entire operating system in a safe programming style, from the device drivers up. This continues in this release with a comprehensive OCaml implementation of Transport Level Security, the most widely deployed end-to-end encryption protocol on the Internet (and one that is very prone to bad security holes). The blog series is written by Hannes Mehnert and David Kaloper.

"Modular foreign function bindings" by Jeremy Yallop continues the march towards abstraction by expaining how to interface safely with code written in C, without having to write any unsafe C bindings! This forms the basis for allowing Xen unikernels to communicate with existing libraries that they may want to keep at arm's length for security reasons.

All the libraries required for these new features are regularly
released into the OPAM package manager, so
just follow the installation instructions to give them a spin.
A release this size probably introduces minor hiccups that may cause build
failures, so we very much encourage bug
reports on our issue tracker or
questions to our mailing lists. Don't be shy: no question is too
basic, and we'd love to hear of any weird and wacky uses you put this new
release to! And finally, the lifeblood of MirageOS is about sharing and
publishing libraries that add new functionality to the framework, so do get
involved and open-source your own efforts.